query different LDAP Group DN

Question

Hi, 
&nbsp;  
&nbsp; I've a question regarding a syntax for quering an LDAP tree for users with different 
&nbsp; Group DNs in a LDAP webauthentication (reverse proxy) on a Big IP virtual server. 
&nbsp;  
&nbsp; The old apache web server configuration for this was very simple and looked like this: 
&nbsp;          require group ou=group1,o=member 
&nbsp;          require group ou=group2,o=member 
&nbsp;  
&nbsp; In the BigIP LDAP configuration settings (Local Traffic -&gt; Authentication Configurations) I have only the possibiliy to set on Group DN not two. Or am I wrong? 
&nbsp;  
&nbsp; How can I search for an users in two different Group DN's 
&nbsp;  
&nbsp;  
&nbsp; Regards 
&nbsp;  
&nbsp; Ralf 
&nbsp;  
&nbsp;

semperfiguy_759 · Answer

Did you ever get an answer or figure this out? I have the same issue.

rfroehling_7678 · Answer

I got the answer from F5-Support, that it isn't possible to query different Group DNs: 
&nbsp; "When you configure the LTM for a LDAP authentication, you can only configure on DN entry. That's why you have to choose the parent DN of the users groups and not try to set the users groups DNs themselves. 
&nbsp; I would also suggest you read the following document : 
&nbsp; https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/ltm_sol_guide_943/sol_app_auth.html" &nbsp;

Forum Discussion

query different LDAP Group DN

2 Replies

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

How can I get started with iCall

Connection Rest f5

Kubernetes cert-manager + LetsEncrypt + F5

The GSLB pool is providing an incorrect IP to end users

Unable to ping from some self ip on Velos

Related Content

gtm sync group different software version

Certified Kubernetes Administrator - Study Group

Intermediate iRules: Data-Groups

Query about Priority Group Activation

VLAN Group and Asymmetric Deployment

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS